Thailand’s Great Cybersecurity Push

11 Dec Thailand’s Great Cybersecurity Push

The Cybersecurity industry is seeing record growth worldwide, both in businesses and on the stock exchange with Gartner forecasting the industry currently stands at a valuation of $96 billion with 8% year-on-year growth expected. Sadly, the scaling of the industry, its large investment, and business valuations are all driven by the rapid increase of cybercrime which is causing palpable operational risk across the globe.

Much of the Western world has naturally evolved into a place where at home, and in the office, there is a minimum threshold of security. This level of protection for other regions is problematic. The dynamic and ever-changing landscape of technology leaves some nations in a limbo struggling to keep up, make pace, or even decide on when and how to start. Thailand is one such country that is facing these issues head-on; an increasingly connected population and the country’s 4.0 initiatives facing off again laws needing modernized, a workforce needing to be trained and a population that is necessary to inform.

Cybersecurity threats in Thailand are intensifying and their current cybersecurity ranking, worryingly, is falling to new lows. A country typically scorned for its cybersecurity protocol is somehow seeing its reputation drop further.

Thailand is attempting to change this image through a handful of legislative pushes and investment plays.

From the 157 countries evaluated by Symantec for cybersecurity– Thailand can be found as seventh-worst in the APAC region overall, a slide from 9th in 2016. It also finds itself dipping across the IT security spectrum, dropping to 12th for SPAM email infiltrations, 21st for ransomware attacks and 11th for network attacks. The nation dropping to 18th worst from 25th in 2016, for cyrptojacking malware infections.

All these infections and security breaches come as at a cost: Julian Garsany, Deputy Regional Representative of the UN Office on Drugs and Crime, told a Bangkok seminar that the cost of cybercrime, was estimated between $120 – $200 million for the ASEAN region; however Gartner and Frost & Sullivan see the potential cost to Thailand alone closer $500 million once you include indirect costs, not just the direct cost of fraud and breaches. Gartner estimated that Thailand spent around 6.7 billion baht (0.07% GDP) on cybersecurity in 2017, a number which is expected to grow to 0.35% over the next 8 years.

Although the rates of cybercrime and the current levels of defense are troublesome, Thailand is inspired to make proactive positive change, opening a cybersecurity center dubbed the ASEAN-Japan Cybersecurity Capacity Building Centre (AJCCBC). This specialist center is designed to help train personnel from countries in the ASEAN region giving them the information to combat the rising danger of cyber threats. The center was initiated from a meeting between ASEAN members and Japan’s minister who are looking to develop cybersecurity coalition for everyone. The center itself is expected to turnover 700 graduates, specializing in cyber-defense, malware analysis and digital forensics with the curriculum designed by Japanese industry leaders.

“Every ASEAN member state is experiencing more sophisticated cyber threats, whereas the cybersecurity personnel are yet insufficient,” said Surangkana Wayuparb, Executive Director of Thailand’s Electronic Transaction Development Agency, where the center is located.

Thailand has also searched for international consultation and is seeking the advice of Israeli cybersecurity experts in the hopes of bolstering the nations critical infrastructure security. As well as international governments they have also enlisted the support of corporations, like NEC who will hold training exercises at the AJCCBC through May 2019, for 150 government and critical infrastructure officials and Cisco, who will train 1,000 security professionals. Furthermore, the “Cyber South East Asian Games” will be held for young engineers and students from each member state who will be invited to participate in a competition on cyberattack coping.

Although Thailand is lagging in implementation and awareness, it is regarded as one of the most committed countries cybersecurity investment, lagging behind only Singapore and Malaysia in Asia.

Tackling the cybersecurity dilemma is fraught with pitfalls and there is no one size fits all solution. ThaiCERT announced that the top 3 security threats facing Thailand were Fraud, intrusion attempts and complete intrusion, usually in the form of Trojan attacks. Lawmakers are expected to enact a slew of new bills and upgrades to force companies to start implementing proper cyber security protocol.

One of the main drivers for dynamic changes is the push toward Thailand 4.0 and industry 4.0 initiatives. In order to better meet these industry goals, Thailand is pairing education, and technology with robust Data Protection and Cyber Security Law. Recognizing its role as a world-leading medical tourism destination and Financial and Logistical hub, Thailand’s leaders realize it needs to tighten up the security protocol across private and public operations. As such the government is focusing on six sectors, government services, financial services, healthcare, logistics, and energy.

The digital economy agency proposed 4 draft bills through 2018, as they seek cabinet approval ahead of 2019. Part of the legislation is the new Cybersecurity bill which will establish the National Security Agency, an agency that who will directly oversee the National Cybersecurity Operation and the National Data Protection Agency – all of which are looking to set up in the next 6 – 12 months. With 200 million baht in the coffers to start the push, Thailand is intent on seeing 1000 cybersecurity specialists in the next year. Paired with the Cybersecurity bill is the Data Protection Law, essentially the Thai GDPR, the Data Protection Law, Electronic Transaction Law and the law on the establishment of Electronic Transactions Development Agency (ETDA). It will then be forwarded to the National Legislative Assembly (NLA) for a final approval before a government announcement to the public in the second half of next year.

It is hoped this security drive will help establish Thailand among the top countries in Asia and eventually the world as it looks to create more confidence in e-payment, e-commerce, and online transactions. The dynamic change should also help in encouraging foreign investment, tackling privacy and lead to a more sustainable business environment long-term.